Change Management - Authorizing changes
Approvals for changes can be specified in one of several ways.
- Specified by hand, using the Approvers related list
- Generated using an Approval Rule
- Generated using a Process Guide
- Generated using a workflow.
Using automated approvals, emails will be sent out informing the appropriate user that they need to approve the change. They can either update the Approval field on the form, or can simply respond to the email if the appropriate inbound email action is configured.
In this activity, a change is approved, dismissed or cancelled. Change Authorization takes into account the priority and category of the change, as well as the projected costs, time and resource constraints. The decision concerning the Change Authorization must be reflected by the Change Record. The decision between approval or dismissal of the change is met by the Change Authority (CA) responsible for that respective change. The nature of the CA depends on the category (risk) of the change. That is why the CA can either be the Service Owner of the affected service, the CAB, or the Senior Management after a consultative meeting of the CAB. The Change Record is then shifted into the status "authorized-approved" or "authorized-dismissed" depending on the vote of the CA.
To authorize, the following factors have to be taken into account:
- the change priority and category (Risk Analysis).
- the projected costs, budgets, time and resource constraints (Feasibility Study)
Activity Specific Rules
- if the category is "1 - Minor -" the Change Authority (CA) is set to Service Owner
- if the category is "2 - Significant -" the Change Authority (CA) is set to CAB
- if the category is "3 - Critical" the Change Authority (CA) is set to Senior Management (consulted by CAB)
- after selecting the Change Authority (CA) the Change Agent is set to Change Authority (CA)
- at the end of the activity the Change Agent is set to Change Owner
Other ITIL Processes
In order to have a good understanding of ITIL and the importance of configuration management, we first define what ITIL is: ITIL is literally a collection of documentation.
This documentation can help IT organizations implement the best practices. The documentation grows and grows as more successful techniques are documented and guidelines established for what can make others successful. The latest ITIL resources are published by the UK Office of Government Commerce (OGC).
Integrated service delivery refers to the need for Configuration Management, Change Management, Incident Management, Problem Management and Release Management processes that are linked together in a meaningful manner. For example, the process of releasing components to the live environment (the domain of Release Management) is also an issue for Configuration Management and Change Management whilst the Service Desk is primarily responsible for liaison between IT providers and the Users of services. This section highlights the links and the principal relationships between all the Service Management and other infrastructure management processes.
ITIL processes fall under Operational Layer or Tactical Layer, as follows:
| Operational Layer: | Configuration Management - Service Desk Management - Incident & Problem Management - Change Management - Release Management |
| Tactical Layer: | Service Level Management - Availability Management - Capacity Management - Continuity Management - Financial Management |